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doI icv MaDoi nQS 
issuer Domain Pol icy 
subject Domain Pol icy 


NECESSARY ONLY WHEN CA IS 
CERTIFIED. AN ISSUER DOMAIN 
POLICY AND A SUBJECT DOMAIN 
POLICY ARE DEFINED. 


NONE BY DEFAULT 


^uDoorted Alaorithms 
algorithm Identifier 
i n tended UsaQe 
intended Certificate 

Pol icies 


ATTRIBUTES OF THE DIRECTORY 
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(X.500) ARE DEFINED. WHEN THE 
OPPOSITE PARTY OF 
COMMUNICATION IS TO USE 
DIRECTORY 1 NFORMAT 1 ON, THAT 
PARTY IS INFORMED OF THE 
DIRECTORY ATTRIBUTES IN 
ADVANCE. 


NONE BY DEFAULT 


subject Alt Name 


USER'S ALTERNATIVE NAME 
(GENERAL NAME FORMAT). 


NOT USED 


issuer Alt Name 


THIS FIELD IS INCLUDED 
(NONE BY DEFAULT). 


NONE BY DEFAULT 


subject Directory 
Attributes 


USER'S ANY ATTRIBUTES. 


NOT USED 


basic Constraints 
cA 

path Len Constraint 


THIS FIELD SPECIFIESVJHeWE*. 
THE PUBLIC KEY SUBJECT TO 
CERTIFICATION IS TO BE 
SIGNED BY THE CERTIFICATE 
AUTHORITY (CA) OR USED BY 
THE USER. 


USED BY USER 
BY DEFAULT 


name Constraints 
permitted Subtrees 
~ "base 
minimum 
max i mum 

excluded Subtrees 


USED ONLY WHEN THE SUBJECT 
IS CA (CA CERTIFICATION). 


NONE BY DEFAULT 


pol icy Constraints 
require Exp 1 icit Pol icy 
inhibit Pol icy Mapping 


DESCRIBED HERE ARE 
CONSTRAINTS REQUIRING 
EXPLICIT POLICY IDs AND 
INHIRIT Pfll 1 PY MAPPING FOR 

THE REMAINING CERTIFICATION 
PATHS. 




CRL Distribution Points 


DESCRIBED HERE ARE POINTS AT 
WHICH THE USER REFERENCES 
THE CERTIFICATE REVOCATION 
LIST (CRL) TO SEE WHETHER 
THE CERTIFICATE IS REVOKED. 


THESE POINTS SERVE AS 
POINTERS INDICATING 
WHERE THE CERTIFICATE IS 
REGISTERED. THE 
CERTIFICATE REVOCATION 
LIST IS MANAGED BY THE 
ISSUER. 


SIGNATURE 


ISSUER'S SIGNATURE 
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reauire Exolicit Policy 
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EXPLICIT POLICY IDs AND 
INHIBIT POLICY MAPPING FOR 
THE REMAINING CERTIFICATION 
PATHS. 




CRL Distribution Points 


DESCRIBED HERE ARE POINTS AT 
WHICH THE USER REFERENCES 
THE CERTIFICATE REVOCATION 
LIST (CRL) TO SEE WHETHER 
THE CERTIFICATE IS REVOKED. 


THESE POINTS SERVE AS 
POINTERS INDICATING 
WHERE THE CERTIFICATE IS 
REGISTERED. THE 
CERTIFICATE REVOCATION 
LIST IS MANAGED BY THE 
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